I am looking to purchase a switch with 24+ ports. The set of security criteria that I should bear in mind when selecting a switch is not clear to me.
I have tried to take other networking security issues into account already, and I'm only asking about the set of risks related to a network switch. I have already set up a firewall to protect my network, configured my wireless access points for secure settings, and my networking equipment is in a locked closet. In light of reports of networking equipment being remotely exploited, I'm trying to figure out what I need to consider when reviewing candidate products.
Currently, I believe the following are important criteria:
- Timely firmware updates
If an exploit for the switch is discovered, is there a way to update the firmware? Also, will the switch manufacturer supply a firmware update in a timely manner?
- Management
Not sure if this will be a net security plus. On the one hand, might enable security-related features such as VLANs. On the other, might just expand the attack surface over a "dumb" unmanaged switch.
- Management / Configuration interface
Should be via SSH or TLS to allow only authorized access.
- VLAN support
Allows network segregation (trusted vs. guest network), yet might expand the attack surface.
- Reputation
Is this a situation where only a handful of manufacturers have a solid security track record? Or is this irrelevant?
- Logging / SNMP
Useful for monitoring, or another attack surface not worth the trouble?
Are there other criteria that one should consider? Or refinements to the above criteria?